Hi Lonnie,
I agree that the idea to use VirtualBox on Genode/NOVA is pretty intriguing. The most obvious reason is the completeness and product quality of the included device models, which support most guest OSes out of the box. Also the guest-integration features such as shared folders and shared clipboard are excellent. Not to speak of the ability to run certain proprietary OSes that many people seem to enjoy using. Hence, we had the topic listed on our collection of "challenges" for a long time:
http://genode.org/about/challenges
The good news first: We have actually been experimenting with VirtualBox internally at Genode Labs since several months now. The first working version of VirtualBox on Genode/NOVA will be included in the upcoming Genode release scheduled for the end of February.
Even though your statement about VirtualBox being quite portable is correct, unfortunately, the way of how this portability is achieved by the VirtualBox architecture contradicts fundamentally with the NOVA architecture. Slightly simplifying, when starting a virtual machine using VirtualBox, the VirtualBox user process installs a "hypervisor" beneath the host kernel via a special kernel interface provided by the "vboxdrv" kernel module. This hypervisor takes over the control over the physical machine and implements the world switch between the host OS and the virtual machines. The VirtualBox hypervisor is portable for the sole reason of running underneath the host OS. It is pretty self-sufficient and does not largely depend on the host OS to be functional. Porting the VirtualBox hypervisor to another host OS basically means to realize a host-OS-specific solution to sneak-in the hypervisor under the running kernel.
With this insight, it is clear that the traditional way of porting VirtualBox would undermine the very idea behind a microkernel-based system. It would be a sacrilege to punch a gaping security hole into the NOVA hypervisor in order to allow the installation of another hypervisor (i.e., the VirtualBox hypervisor that is orders of magnitude more complex than the NOVA kernel) underneath the NOVA kernel. Moreover, in the VirtualBox architecture, the VirtualBox user process is ultimately trusted (well, it can install new code into the host kernel using the vboxdrv interface). So the trusted computing would be inflated not only by the VirtualBox hypervisor but also by the even more complex VirtualBox user process.
However, fortunately, we have found another approach to bring together both technologies. The idea comes down to replacing the mechanisms normally provided by the VirtualBox hypervisor with NOVA's virtualization interface for user-level VMMs. Although VirtualBox was never designed for such a feat, it apparently turned out to be a feasible (albeit challenging) route. Of course, we will describe more details about how it works once we publish the code end of February.
Cheers Norman
On 01/13/2014 10:01 PM, Lonnie Cumberland wrote:
Greetings All,
I hope that you are all doing well today. My learning is proceeding well with regards to NOVA and Genode. I truly do like this work and am excited to start doing more as I get better familiarized with the inner-workings.
My particular interest is with NOVA + Genode + Seoul (or similar VMM) for various work that I am looking into at the moment.
With that in mind, a thought had occurred to me and I wanted to ask the group for your thoughts in this area.
As you know, there are a number of other open source hypervisors (Type 1 and Type 2) with on of them being Virtualbox (Oracle) that runs well as a Type 2 hypervisor. My understanding is that Virtualbox is also reasonably easy to port to other platforms as well. The power of Virtualbox is that it is very mature at this point and I was wondering.
Would there be an advantage to have Virtualbox ported to Genode to run under NOVA?
The idea is that since it is already fairly mature, then perhaps it might make a very stable and suitable VMM (in place of Seoul) so that Genode (under NOVA) could run general purposes commodity OS's like Windows and Linux. I am sure that this would be a lot of work, but it seems that that might be an interesting idea.
Any comments?
Kind Regards and have a great day, Lonnie